1 /* 2 * NFC Digital Protocol stack 3 * Copyright (c) 2013, Intel Corporation. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms and conditions of the GNU General Public License, 7 * version 2, as published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 12 * more details. 13 * 14 */ 15 16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__ 17 18 #include "digital.h" 19 20 #define DIGITAL_CMD_SENS_REQ 0x26 21 #define DIGITAL_CMD_ALL_REQ 0x52 22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93 23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95 24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97 25 26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20 27 28 #define DIGITAL_SDD_RES_CT 0x88 29 #define DIGITAL_SDD_RES_LEN 5 30 31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04)) 32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60)) 33 #define DIGITAL_SEL_RES_IS_T4T(sel_res) ((sel_res) & 0x20) 34 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40) 35 36 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x0C00) == 0x0C00) 37 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \ 38 ((!((sens_res) & 0x001F) && (((sens_res) & 0x0C00) == 0x0C00)) || \ 39 (((sens_res) & 0x001F) && ((sens_res) & 0x0C00) != 0x0C00)) 40 41 #define DIGITAL_MIFARE_READ_RES_LEN 16 42 #define DIGITAL_MIFARE_ACK_RES 0x0A 43 44 #define DIGITAL_CMD_SENSF_REQ 0x00 45 #define DIGITAL_CMD_SENSF_RES 0x01 46 47 #define DIGITAL_SENSF_RES_MIN_LENGTH 17 48 #define DIGITAL_SENSF_RES_RD_AP_B1 0x00 49 #define DIGITAL_SENSF_RES_RD_AP_B2 0x8F 50 51 #define DIGITAL_SENSF_REQ_RC_NONE 0 52 #define DIGITAL_SENSF_REQ_RC_SC 1 53 #define DIGITAL_SENSF_REQ_RC_AP 2 54 55 #define DIGITAL_CMD_ISO15693_INVENTORY_REQ 0x01 56 57 #define DIGITAL_ISO15693_REQ_FLAG_DATA_RATE BIT(1) 58 #define DIGITAL_ISO15693_REQ_FLAG_INVENTORY BIT(2) 59 #define DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS BIT(5) 60 #define DIGITAL_ISO15693_RES_FLAG_ERROR BIT(0) 61 #define DIGITAL_ISO15693_RES_IS_VALID(flags) \ 62 (!((flags) & DIGITAL_ISO15693_RES_FLAG_ERROR)) 63 64 #define DIGITAL_ISO_DEP_I_PCB 0x02 65 #define DIGITAL_ISO_DEP_PNI(pni) ((pni) & 0x01) 66 67 #define DIGITAL_ISO_DEP_PCB_TYPE(pcb) ((pcb) & 0xC0) 68 69 #define DIGITAL_ISO_DEP_I_BLOCK 0x00 70 71 #define DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb) ((pcb) & 0x08) 72 73 static const u8 digital_ats_fsc[] = { 74 16, 24, 32, 40, 48, 64, 96, 128, 75 }; 76 77 #define DIGITAL_ATS_FSCI(t0) ((t0) & 0x0F) 78 #define DIGITAL_ATS_MAX_FSC 256 79 80 #define DIGITAL_RATS_BYTE1 0xE0 81 #define DIGITAL_RATS_PARAM 0x80 82 83 struct digital_sdd_res { 84 u8 nfcid1[4]; 85 u8 bcc; 86 } __packed; 87 88 struct digital_sel_req { 89 u8 sel_cmd; 90 u8 b2; 91 u8 nfcid1[4]; 92 u8 bcc; 93 } __packed; 94 95 struct digital_sensf_req { 96 u8 cmd; 97 u8 sc1; 98 u8 sc2; 99 u8 rc; 100 u8 tsn; 101 } __packed; 102 103 struct digital_sensf_res { 104 u8 cmd; 105 u8 nfcid2[8]; 106 u8 pad0[2]; 107 u8 pad1[3]; 108 u8 mrti_check; 109 u8 mrti_update; 110 u8 pad2; 111 u8 rd[2]; 112 } __packed; 113 114 struct digital_iso15693_inv_req { 115 u8 flags; 116 u8 cmd; 117 u8 mask_len; 118 u64 mask; 119 } __packed; 120 121 struct digital_iso15693_inv_res { 122 u8 flags; 123 u8 dsfid; 124 u64 uid; 125 } __packed; 126 127 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev, 128 struct nfc_target *target); 129 130 int digital_in_iso_dep_pull_sod(struct nfc_digital_dev *ddev, 131 struct sk_buff *skb) 132 { 133 u8 pcb; 134 u8 block_type; 135 136 if (skb->len < 1) 137 return -EIO; 138 139 pcb = *skb->data; 140 block_type = DIGITAL_ISO_DEP_PCB_TYPE(pcb); 141 142 /* No support fo R-block nor S-block */ 143 if (block_type != DIGITAL_ISO_DEP_I_BLOCK) { 144 pr_err("ISO_DEP R-block and S-block not supported\n"); 145 return -EIO; 146 } 147 148 if (DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb)) { 149 pr_err("DID field in ISO_DEP PCB not supported\n"); 150 return -EIO; 151 } 152 153 skb_pull(skb, 1); 154 155 return 0; 156 } 157 158 int digital_in_iso_dep_push_sod(struct nfc_digital_dev *ddev, 159 struct sk_buff *skb) 160 { 161 /* 162 * Chaining not supported so skb->len + 1 PCB byte + 2 CRC bytes must 163 * not be greater than remote FSC 164 */ 165 if (skb->len + 3 > ddev->target_fsc) 166 return -EIO; 167 168 skb_push(skb, 1); 169 170 *skb->data = DIGITAL_ISO_DEP_I_PCB | ddev->curr_nfc_dep_pni; 171 172 ddev->curr_nfc_dep_pni = 173 DIGITAL_ISO_DEP_PNI(ddev->curr_nfc_dep_pni + 1); 174 175 return 0; 176 } 177 178 static void digital_in_recv_ats(struct nfc_digital_dev *ddev, void *arg, 179 struct sk_buff *resp) 180 { 181 struct nfc_target *target = arg; 182 u8 fsdi; 183 int rc; 184 185 if (IS_ERR(resp)) { 186 rc = PTR_ERR(resp); 187 resp = NULL; 188 goto exit; 189 } 190 191 if (resp->len < 2) { 192 rc = -EIO; 193 goto exit; 194 } 195 196 fsdi = DIGITAL_ATS_FSCI(resp->data[1]); 197 if (fsdi >= 8) 198 ddev->target_fsc = DIGITAL_ATS_MAX_FSC; 199 else 200 ddev->target_fsc = digital_ats_fsc[fsdi]; 201 202 ddev->curr_nfc_dep_pni = 0; 203 204 rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443); 205 206 exit: 207 dev_kfree_skb(resp); 208 kfree(target); 209 210 if (rc) 211 digital_poll_next_tech(ddev); 212 } 213 214 static int digital_in_send_rats(struct nfc_digital_dev *ddev, 215 struct nfc_target *target) 216 { 217 int rc; 218 struct sk_buff *skb; 219 220 skb = digital_skb_alloc(ddev, 2); 221 if (!skb) 222 return -ENOMEM; 223 224 *skb_put(skb, 1) = DIGITAL_RATS_BYTE1; 225 *skb_put(skb, 1) = DIGITAL_RATS_PARAM; 226 227 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_ats, 228 target); 229 if (rc) 230 kfree_skb(skb); 231 232 return rc; 233 } 234 235 static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg, 236 struct sk_buff *resp) 237 { 238 struct nfc_target *target = arg; 239 int rc; 240 u8 sel_res; 241 u8 nfc_proto; 242 243 if (IS_ERR(resp)) { 244 rc = PTR_ERR(resp); 245 resp = NULL; 246 goto exit; 247 } 248 249 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 250 rc = digital_skb_check_crc_a(resp); 251 if (rc) { 252 PROTOCOL_ERR("4.4.1.3"); 253 goto exit; 254 } 255 } 256 257 if (!resp->len) { 258 rc = -EIO; 259 goto exit; 260 } 261 262 sel_res = resp->data[0]; 263 264 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) { 265 rc = digital_in_send_sdd_req(ddev, target); 266 if (rc) 267 goto exit; 268 269 goto exit_free_skb; 270 } 271 272 target->sel_res = sel_res; 273 274 if (DIGITAL_SEL_RES_IS_T2T(sel_res)) { 275 nfc_proto = NFC_PROTO_MIFARE; 276 } else if (DIGITAL_SEL_RES_IS_T4T(sel_res)) { 277 rc = digital_in_send_rats(ddev, target); 278 if (rc) 279 goto exit; 280 /* 281 * Skip target_found and don't free it for now. This will be 282 * done when receiving the ATS 283 */ 284 goto exit_free_skb; 285 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) { 286 nfc_proto = NFC_PROTO_NFC_DEP; 287 } else { 288 rc = -EOPNOTSUPP; 289 goto exit; 290 } 291 292 rc = digital_target_found(ddev, target, nfc_proto); 293 294 exit: 295 kfree(target); 296 297 exit_free_skb: 298 dev_kfree_skb(resp); 299 300 if (rc) 301 digital_poll_next_tech(ddev); 302 } 303 304 static int digital_in_send_sel_req(struct nfc_digital_dev *ddev, 305 struct nfc_target *target, 306 struct digital_sdd_res *sdd_res) 307 { 308 struct sk_buff *skb; 309 struct digital_sel_req *sel_req; 310 u8 sel_cmd; 311 int rc; 312 313 skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req)); 314 if (!skb) 315 return -ENOMEM; 316 317 skb_put(skb, sizeof(struct digital_sel_req)); 318 sel_req = (struct digital_sel_req *)skb->data; 319 320 if (target->nfcid1_len <= 4) 321 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1; 322 else if (target->nfcid1_len < 10) 323 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2; 324 else 325 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3; 326 327 sel_req->sel_cmd = sel_cmd; 328 sel_req->b2 = 0x70; 329 memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4); 330 sel_req->bcc = sdd_res->bcc; 331 332 if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 333 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 334 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A); 335 if (rc) 336 goto exit; 337 } else { 338 digital_skb_add_crc_a(skb); 339 } 340 341 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res, 342 target); 343 exit: 344 if (rc) 345 kfree_skb(skb); 346 347 return rc; 348 } 349 350 static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg, 351 struct sk_buff *resp) 352 { 353 struct nfc_target *target = arg; 354 struct digital_sdd_res *sdd_res; 355 int rc; 356 u8 offset, size; 357 u8 i, bcc; 358 359 if (IS_ERR(resp)) { 360 rc = PTR_ERR(resp); 361 resp = NULL; 362 goto exit; 363 } 364 365 if (resp->len < DIGITAL_SDD_RES_LEN) { 366 PROTOCOL_ERR("4.7.2.8"); 367 rc = -EINVAL; 368 goto exit; 369 } 370 371 sdd_res = (struct digital_sdd_res *)resp->data; 372 373 for (i = 0, bcc = 0; i < 4; i++) 374 bcc ^= sdd_res->nfcid1[i]; 375 376 if (bcc != sdd_res->bcc) { 377 PROTOCOL_ERR("4.7.2.6"); 378 rc = -EINVAL; 379 goto exit; 380 } 381 382 if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) { 383 offset = 1; 384 size = 3; 385 } else { 386 offset = 0; 387 size = 4; 388 } 389 390 memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset, 391 size); 392 target->nfcid1_len += size; 393 394 rc = digital_in_send_sel_req(ddev, target, sdd_res); 395 396 exit: 397 dev_kfree_skb(resp); 398 399 if (rc) { 400 kfree(target); 401 digital_poll_next_tech(ddev); 402 } 403 } 404 405 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev, 406 struct nfc_target *target) 407 { 408 int rc; 409 struct sk_buff *skb; 410 u8 sel_cmd; 411 412 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 413 NFC_DIGITAL_FRAMING_NFCA_STANDARD); 414 if (rc) 415 return rc; 416 417 skb = digital_skb_alloc(ddev, 2); 418 if (!skb) 419 return -ENOMEM; 420 421 if (target->nfcid1_len == 0) 422 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1; 423 else if (target->nfcid1_len == 3) 424 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2; 425 else 426 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3; 427 428 *skb_put(skb, sizeof(u8)) = sel_cmd; 429 *skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR; 430 431 return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res, 432 target); 433 } 434 435 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg, 436 struct sk_buff *resp) 437 { 438 struct nfc_target *target = NULL; 439 int rc; 440 441 if (IS_ERR(resp)) { 442 rc = PTR_ERR(resp); 443 resp = NULL; 444 goto exit; 445 } 446 447 if (resp->len < sizeof(u16)) { 448 rc = -EIO; 449 goto exit; 450 } 451 452 target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 453 if (!target) { 454 rc = -ENOMEM; 455 goto exit; 456 } 457 458 target->sens_res = __le16_to_cpu(*(__le16 *)resp->data); 459 460 if (!DIGITAL_SENS_RES_IS_VALID(target->sens_res)) { 461 PROTOCOL_ERR("4.6.3.3"); 462 rc = -EINVAL; 463 goto exit; 464 } 465 466 if (DIGITAL_SENS_RES_IS_T1T(target->sens_res)) 467 rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL); 468 else 469 rc = digital_in_send_sdd_req(ddev, target); 470 471 exit: 472 dev_kfree_skb(resp); 473 474 if (rc) { 475 kfree(target); 476 digital_poll_next_tech(ddev); 477 } 478 } 479 480 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech) 481 { 482 struct sk_buff *skb; 483 int rc; 484 485 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 486 NFC_DIGITAL_RF_TECH_106A); 487 if (rc) 488 return rc; 489 490 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 491 NFC_DIGITAL_FRAMING_NFCA_SHORT); 492 if (rc) 493 return rc; 494 495 skb = digital_skb_alloc(ddev, 1); 496 if (!skb) 497 return -ENOMEM; 498 499 *skb_put(skb, sizeof(u8)) = DIGITAL_CMD_SENS_REQ; 500 501 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL); 502 if (rc) 503 kfree_skb(skb); 504 505 return rc; 506 } 507 508 int digital_in_recv_mifare_res(struct sk_buff *resp) 509 { 510 /* Successful READ command response is 16 data bytes + 2 CRC bytes long. 511 * Since the driver can't differentiate a ACK/NACK response from a valid 512 * READ response, the CRC calculation must be handled at digital level 513 * even if the driver supports it for this technology. 514 */ 515 if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) { 516 if (digital_skb_check_crc_a(resp)) { 517 PROTOCOL_ERR("9.4.1.2"); 518 return -EIO; 519 } 520 521 return 0; 522 } 523 524 /* ACK response (i.e. successful WRITE). */ 525 if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) { 526 resp->data[0] = 0; 527 return 0; 528 } 529 530 /* NACK and any other responses are treated as error. */ 531 return -EIO; 532 } 533 534 static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg, 535 struct sk_buff *resp) 536 { 537 int rc; 538 u8 proto; 539 struct nfc_target target; 540 struct digital_sensf_res *sensf_res; 541 542 if (IS_ERR(resp)) { 543 rc = PTR_ERR(resp); 544 resp = NULL; 545 goto exit; 546 } 547 548 if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) { 549 rc = -EIO; 550 goto exit; 551 } 552 553 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 554 rc = digital_skb_check_crc_f(resp); 555 if (rc) { 556 PROTOCOL_ERR("6.4.1.8"); 557 goto exit; 558 } 559 } 560 561 skb_pull(resp, 1); 562 563 memset(&target, 0, sizeof(struct nfc_target)); 564 565 sensf_res = (struct digital_sensf_res *)resp->data; 566 567 memcpy(target.sensf_res, sensf_res, resp->len); 568 target.sensf_res_len = resp->len; 569 570 memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE); 571 target.nfcid2_len = NFC_NFCID2_MAXSIZE; 572 573 if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 && 574 target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2) 575 proto = NFC_PROTO_NFC_DEP; 576 else 577 proto = NFC_PROTO_FELICA; 578 579 rc = digital_target_found(ddev, &target, proto); 580 581 exit: 582 dev_kfree_skb(resp); 583 584 if (rc) 585 digital_poll_next_tech(ddev); 586 } 587 588 int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech) 589 { 590 struct digital_sensf_req *sensf_req; 591 struct sk_buff *skb; 592 int rc; 593 u8 size; 594 595 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech); 596 if (rc) 597 return rc; 598 599 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 600 NFC_DIGITAL_FRAMING_NFCF); 601 if (rc) 602 return rc; 603 604 size = sizeof(struct digital_sensf_req); 605 606 skb = digital_skb_alloc(ddev, size); 607 if (!skb) 608 return -ENOMEM; 609 610 skb_put(skb, size); 611 612 sensf_req = (struct digital_sensf_req *)skb->data; 613 sensf_req->cmd = DIGITAL_CMD_SENSF_REQ; 614 sensf_req->sc1 = 0xFF; 615 sensf_req->sc2 = 0xFF; 616 sensf_req->rc = 0; 617 sensf_req->tsn = 0; 618 619 *skb_push(skb, 1) = size + 1; 620 621 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) 622 digital_skb_add_crc_f(skb); 623 624 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res, 625 NULL); 626 if (rc) 627 kfree_skb(skb); 628 629 return rc; 630 } 631 632 static void digital_in_recv_iso15693_inv_res(struct nfc_digital_dev *ddev, 633 void *arg, struct sk_buff *resp) 634 { 635 struct digital_iso15693_inv_res *res; 636 struct nfc_target *target = NULL; 637 int rc; 638 639 if (IS_ERR(resp)) { 640 rc = PTR_ERR(resp); 641 resp = NULL; 642 goto out_free_skb; 643 } 644 645 if (resp->len != sizeof(*res)) { 646 rc = -EIO; 647 goto out_free_skb; 648 } 649 650 res = (struct digital_iso15693_inv_res *)resp->data; 651 652 if (!DIGITAL_ISO15693_RES_IS_VALID(res->flags)) { 653 PROTOCOL_ERR("ISO15693 - 10.3.1"); 654 rc = -EINVAL; 655 goto out_free_skb; 656 } 657 658 target = kzalloc(sizeof(*target), GFP_KERNEL); 659 if (!target) { 660 rc = -ENOMEM; 661 goto out_free_skb; 662 } 663 664 target->is_iso15693 = 1; 665 target->iso15693_dsfid = res->dsfid; 666 memcpy(target->iso15693_uid, &res->uid, sizeof(target->iso15693_uid)); 667 668 rc = digital_target_found(ddev, target, NFC_PROTO_ISO15693); 669 670 kfree(target); 671 672 out_free_skb: 673 dev_kfree_skb(resp); 674 675 if (rc) 676 digital_poll_next_tech(ddev); 677 } 678 679 int digital_in_send_iso15693_inv_req(struct nfc_digital_dev *ddev, u8 rf_tech) 680 { 681 struct digital_iso15693_inv_req *req; 682 struct sk_buff *skb; 683 int rc; 684 685 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 686 NFC_DIGITAL_RF_TECH_ISO15693); 687 if (rc) 688 return rc; 689 690 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 691 NFC_DIGITAL_FRAMING_ISO15693_INVENTORY); 692 if (rc) 693 return rc; 694 695 skb = digital_skb_alloc(ddev, sizeof(*req)); 696 if (!skb) 697 return -ENOMEM; 698 699 skb_put(skb, sizeof(*req) - sizeof(req->mask)); /* No mask */ 700 req = (struct digital_iso15693_inv_req *)skb->data; 701 702 /* Single sub-carrier, high data rate, no AFI, single slot 703 * Inventory command 704 */ 705 req->flags = DIGITAL_ISO15693_REQ_FLAG_DATA_RATE | 706 DIGITAL_ISO15693_REQ_FLAG_INVENTORY | 707 DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS; 708 req->cmd = DIGITAL_CMD_ISO15693_INVENTORY_REQ; 709 req->mask_len = 0; 710 711 rc = digital_in_send_cmd(ddev, skb, 30, 712 digital_in_recv_iso15693_inv_res, NULL); 713 if (rc) 714 kfree_skb(skb); 715 716 return rc; 717 } 718 719 static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev) 720 { 721 struct sk_buff *skb; 722 int rc; 723 724 skb = digital_skb_alloc(ddev, 1); 725 if (!skb) 726 return -ENOMEM; 727 728 *skb_put(skb, 1) = DIGITAL_SEL_RES_NFC_DEP; 729 730 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) 731 digital_skb_add_crc_a(skb); 732 733 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req, 734 NULL); 735 if (rc) 736 kfree_skb(skb); 737 738 return rc; 739 } 740 741 static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg, 742 struct sk_buff *resp) 743 { 744 int rc; 745 746 if (IS_ERR(resp)) { 747 rc = PTR_ERR(resp); 748 resp = NULL; 749 goto exit; 750 } 751 752 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) { 753 rc = digital_skb_check_crc_a(resp); 754 if (rc) { 755 PROTOCOL_ERR("4.4.1.3"); 756 goto exit; 757 } 758 } 759 760 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */ 761 762 rc = digital_tg_send_sel_res(ddev); 763 764 exit: 765 if (rc) 766 digital_poll_next_tech(ddev); 767 768 dev_kfree_skb(resp); 769 } 770 771 static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev) 772 { 773 struct sk_buff *skb; 774 struct digital_sdd_res *sdd_res; 775 int rc, i; 776 777 skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res)); 778 if (!skb) 779 return -ENOMEM; 780 781 skb_put(skb, sizeof(struct digital_sdd_res)); 782 sdd_res = (struct digital_sdd_res *)skb->data; 783 784 sdd_res->nfcid1[0] = 0x08; 785 get_random_bytes(sdd_res->nfcid1 + 1, 3); 786 787 sdd_res->bcc = 0; 788 for (i = 0; i < 4; i++) 789 sdd_res->bcc ^= sdd_res->nfcid1[i]; 790 791 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req, 792 NULL); 793 if (rc) 794 kfree_skb(skb); 795 796 return rc; 797 } 798 799 static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg, 800 struct sk_buff *resp) 801 { 802 u8 *sdd_req; 803 int rc; 804 805 if (IS_ERR(resp)) { 806 rc = PTR_ERR(resp); 807 resp = NULL; 808 goto exit; 809 } 810 811 sdd_req = resp->data; 812 813 if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 || 814 sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) { 815 rc = -EINVAL; 816 goto exit; 817 } 818 819 rc = digital_tg_send_sdd_res(ddev); 820 821 exit: 822 if (rc) 823 digital_poll_next_tech(ddev); 824 825 dev_kfree_skb(resp); 826 } 827 828 static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev) 829 { 830 struct sk_buff *skb; 831 u8 *sens_res; 832 int rc; 833 834 skb = digital_skb_alloc(ddev, 2); 835 if (!skb) 836 return -ENOMEM; 837 838 sens_res = skb_put(skb, 2); 839 840 sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF; 841 sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF; 842 843 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req, 844 NULL); 845 if (rc) 846 kfree_skb(skb); 847 848 return rc; 849 } 850 851 void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg, 852 struct sk_buff *resp) 853 { 854 u8 sens_req; 855 int rc; 856 857 if (IS_ERR(resp)) { 858 rc = PTR_ERR(resp); 859 resp = NULL; 860 goto exit; 861 } 862 863 sens_req = resp->data[0]; 864 865 if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ && 866 sens_req != DIGITAL_CMD_ALL_REQ)) { 867 rc = -EINVAL; 868 goto exit; 869 } 870 871 rc = digital_tg_send_sens_res(ddev); 872 873 exit: 874 if (rc) 875 digital_poll_next_tech(ddev); 876 877 dev_kfree_skb(resp); 878 } 879 880 static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev, 881 struct digital_sensf_req *sensf_req) 882 { 883 struct sk_buff *skb; 884 u8 size; 885 int rc; 886 struct digital_sensf_res *sensf_res; 887 888 size = sizeof(struct digital_sensf_res); 889 890 if (sensf_req->rc != DIGITAL_SENSF_REQ_RC_NONE) 891 size -= sizeof(sensf_res->rd); 892 893 skb = digital_skb_alloc(ddev, size); 894 if (!skb) 895 return -ENOMEM; 896 897 skb_put(skb, size); 898 899 sensf_res = (struct digital_sensf_res *)skb->data; 900 901 memset(sensf_res, 0, size); 902 903 sensf_res->cmd = DIGITAL_CMD_SENSF_RES; 904 sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1; 905 sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2; 906 get_random_bytes(&sensf_res->nfcid2[2], 6); 907 908 switch (sensf_req->rc) { 909 case DIGITAL_SENSF_REQ_RC_SC: 910 sensf_res->rd[0] = sensf_req->sc1; 911 sensf_res->rd[1] = sensf_req->sc2; 912 break; 913 case DIGITAL_SENSF_REQ_RC_AP: 914 sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1; 915 sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2; 916 break; 917 } 918 919 *skb_push(skb, sizeof(u8)) = size + 1; 920 921 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) 922 digital_skb_add_crc_f(skb); 923 924 rc = digital_tg_send_cmd(ddev, skb, 300, 925 digital_tg_recv_atr_req, NULL); 926 if (rc) 927 kfree_skb(skb); 928 929 return rc; 930 } 931 932 void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg, 933 struct sk_buff *resp) 934 { 935 struct digital_sensf_req *sensf_req; 936 int rc; 937 938 if (IS_ERR(resp)) { 939 rc = PTR_ERR(resp); 940 resp = NULL; 941 goto exit; 942 } 943 944 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) { 945 rc = digital_skb_check_crc_f(resp); 946 if (rc) { 947 PROTOCOL_ERR("6.4.1.8"); 948 goto exit; 949 } 950 } 951 952 if (resp->len != sizeof(struct digital_sensf_req) + 1) { 953 rc = -EINVAL; 954 goto exit; 955 } 956 957 skb_pull(resp, 1); 958 sensf_req = (struct digital_sensf_req *)resp->data; 959 960 if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) { 961 rc = -EINVAL; 962 goto exit; 963 } 964 965 rc = digital_tg_send_sensf_res(ddev, sensf_req); 966 967 exit: 968 if (rc) 969 digital_poll_next_tech(ddev); 970 971 dev_kfree_skb(resp); 972 } 973 974 int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech) 975 { 976 int rc; 977 978 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech); 979 if (rc) 980 return rc; 981 982 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 983 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP); 984 if (rc) 985 return rc; 986 987 return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL); 988 } 989 990 int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech) 991 { 992 int rc; 993 u8 *nfcid2; 994 995 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech); 996 if (rc) 997 return rc; 998 999 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1000 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP); 1001 if (rc) 1002 return rc; 1003 1004 nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL); 1005 if (!nfcid2) 1006 return -ENOMEM; 1007 1008 nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1; 1009 nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2; 1010 get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2); 1011 1012 return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2); 1013 } 1014